Please enable JavaScript.
Coggle requires JavaScript to display documents.
Network Security Testing :pen: - Coggle Diagram
Network Security Testing
:pen:
Network Security Testing Techniques
:red_flag:
Operations Security
Is concerned with the day-to-day practices necessary to first deploy and later maintain a secure system.
Operations security starts with the planning and implementation process of a network.
During these phases, the team analyzes, designs and identifies risks and vulnerabilities.
The staff that sets up conducts the security should have knowledge in these areas:
Operating systems
Basic programming
Networking protocols
Network vulnerabilities
Device hardening
Firewalls
IPSs
Testing and evaluating network security
Network security testing is performed on a network to ensure all security implementations are operating as expected.
Testing is conducted during the implementation and operational stages
After the network is fully integrated and operational, a ST&E is performed.
Uncover design, implementation, and operational flaws that could lead to the violation of the security policy.
Determine the adequacy of security mechanisms, assurances, and device properties to enforce the security policy.
Assess the degree of consistency between the system documentation and its implementation.
Types of network test
There are many security tests that can be conducted:
Penetration testing:
Simulate attacks from malicious sources to determinate the feasibility and consequences of an attack.
Network scanning:
Ping computers, listening ports and display which types of resources are available on the network.
Vulnerability scanning:
software that can detect potential weaknesses in the tested systems. These weaknesses can include misconfiguration, blank or default passwords, or potential targets for DoS attacks.
Password cracking
: This includes software that is used to test and detect weak passwords that should be changed.
Log review:
System administrators should review security logs to identify potential security threats.
Virus detection:
Virus or antimalware detection software should be used to identify and remove computer viruses and other malware.
Applying network test results
To define mitigation activities to address identified vulnerabilities
As a benchmark to trace the progress of an organization in meeting security requirements
To assess the implementation status of system security requirements
To conduct cost and benefit analysis for improvements to network security
To enhance other activities, such as risk assessments, certification and authorization (C&A), and performance improvement efforts
As a reference point for corrective action
Network Security Testing Tools
:keyboard:
Nmap/Zenmap - This is used to discover computers and their services on a network, therefore creating a map of the network.
SuperScan - This port scanning software is designed to detect open TCP and UDP ports, determine what services are running on those ports, and to run queries, such as whois, ping, traceroute, and hostname lookups.
SIEM (Security Information Event Management) - This is a technology used in enterprise organizations to provide real time reporting and long-term analysis of security events.
GFI LANguard - This is a network and security scanner which detects vulnerabilities.
Tripwire - This tool assesses and validates IT configurations against internal policies, compliance standards, and security best practices.
Nessus - This is a vulnerability scanning software, focusing on remote access, misconfigurations, and DoS against the TCP/IP stack.
L0phtCrack - This is a password auditing and recovery application.
Metasploit - This tool provides information about vulnerabilities and aids in penetration testing and IDS signature development.
Introduction
The networks are always under attack. We need to be prepared to protect it.
But how can we be sure that our networks are secure?
What tools are available to test it?
Here you will find some tools and techniques.
